Cyber Security Awareness and Vulnerabilities Blog

RSS

These days it seems like there are security solutions for almost everything except, the one thing you can never fully secure - humans. But, while you can’t control everything they open or click on, you can control their access to your sensitive data.…

Read More

BH blog.png

Black Hat 2018 Las Vegas

  Another year, another Black Hat Conference! This year, we’re excited to represent as one company: SecureAuth + Core Security. Our newly combined company is the first to truly enable Identity and Security together to leverage one another in powerful new ways. We’ll be discussing…

Read More

blog what are the 3 most common access risks.png

These days it seems like there are security solutions for almost everything except, the one thing you can never fully secure - humans. But, while you can’t control everything they open or click on, you can control their access to your sensitive data.…

Read More

20180523_top3iga_Blog Image .jpg

Identity Governance and Administration is a complex and growing, set of solutions that are put in place to help your organization stay compliant with government or industry regulations and, perhaps more importantly, help secure your organization. However, with every new solution, there are…

Read More

Since SecureAuth and Core Security merged in September 2017, the company has been dedicated to secure the enterprise across all principal threat vectors with an identity-based approach to the attack lifecycle. We identified six pillars of intelligent identity and security that represent our…

Read More

bug_color.png

During penetration testing exercises, the ability to make a victim connect to an attacker’s controlled host provides an interesting approach for compromising systems. Such connections could be a consequence of tricking a victim into connecting to us (yes, we act as the attackers ;)…

Read More

20180612_blog_orphanedaccounts.jpg

This column’s question comes from a SecureAuth+Core Security customer who heard about some of the technologies we offer and was unfamiliar with the term Orphaned Account.    “What exactly is an Orphaned Account, how do they happen, and why are they dangerous to security?”  Well,…

Read More

Six Steps to Pen Test

Pen Test with Core Impact

When conducting a penetration test, most testers will develop some type of process, and repeat that same process on every engagement. As I think through the basics of penetration testing, I believe that process can be broken up into six steps. They are:   Information…

Read More

Here is the summary of all exploits released since April 2nd, the last Dot Release: 16 Updates overall  9 Remote exploits 4 Client-Side exploits 3 Product updates Here is the list of published updates: Remote Exploits: Disk Pulse Enterprise GET Buffer Overflow Exploit Disk Savvy Enterprise Buffer Overflow Exploit DiskBoss Enterprise Buffer…

Read More

Do I need IGA.png

Identity Governance & Administration (IGA) is commonly defined as “the policy-based centralized orchestration of user identity management and access control. Identity governance helps support enterprise IT security and regulatory compliance.” Or put into simpler terms, it’s putting in place a solution to ensure that…

Read More